mediosdigitalesfandomcom_es-20200214-history
ERDM
ERDRM: A Digital Rights Management System Model for Educational Resources Shujuan Wang1,2 and Qingtang Liu1,2 1 Engineering Research Center of Education Information Technology, Huazhong Normal University, Wuhan, Hubei. P.R. China, 430079 2 Department of Information Technology,Huazhong Normal University, Wuhan, Hubei. P.R. China, 430079 wsj_xgz@126.com, liuqtang@mail.ccnu.edu.cn 1 Introduction In the era of knowledge-based economy, it has been accepted to all that we should set up lifelong education system and build a learning society. The foundation and premise for these is the development of modern distance education, which is most important in a populous nation such as China. Quality is all a lifeline of distance education, but the intellectual property protection of educational resources has been an issue which restricts the quality of distance education. There have been a number of relevant laws do with the intellectual property protection on the Internet, but just legal restriction is far from enough, technological support is needed. Digital Rights Management 1 (DRM for short) is a series of hardware and software technologies which protect the rights and benefits involved in all kinds of digital contents. It ensures that the digital resources is legally used in its total life cycle, balances the benefits and requirements of all entities involved in the value chain, and promotes the information dissemination and the development of whole digital market. Concretely, DRM includes the description, identification, transaction, protection, supervision and auditing of multiform usage of digital resources. DRM provides permanent protection measures for the resources, which prevent unauthorized or authorized limited access to the digital resources. 70 S. Wang and Q. Liu The main driving force of DRM comes from industry 1. The most representative sample is the protection of eBook, electronic music, and digital movie. Several famous international companies have release their own solutions and productions, such as Microsoft’s WMRM, Real Networks’ Helix DRM, Adobe’s Content Server, and IBM’s EMMS. 2 Current DRM Systems 2.1 Classification of DRM Systems Existing DRM systems could be classified into different categories according to different standards (such as safety technique chosen, protected object, etc.). The protected objects include: software, eBook, images, stream media and contents on mobile devices. The main function of software-protected DRM system is the precaution of software piracy. The protection of software appeared in the 1980s, which could be regarded as the earliest application of DRM. In the early times, the methods to prevent software piracy include the usage of key floppy disk, copy-proofed CD, encryption card, etc. Many new software-protection forms appear along with the development of DRM technology and network technology. The eBook-protected DRM systems have two kinds of applications: the online bookstore (such as Amazon, eReader), and the digital library (such as netLibrary, Apabi). The online bookstore sells eBook directly to the readers while the digital library only provides borrowing service, and both of them have to protect the rights against infringement by third parties. The images-protected DRM systems are somewhat complex. Some websites attach their own logo onto the images to prevent others from using it illegally. But the visible logo sacrificed the image’s quality. Another preferable method is to embed the copyright information into the images by digital watermarking. If someone used the images without authorization, the owner could detect the copyright information hided in the images with special software, and prove it. Now the companies who focus on digital watermarking include: Digimarc in USA and High Water Signum in England. They provide similar service. In China the “Patriot Banshen” digital watermarking system could satisfy the requirement 8. Digital watermarking could also be used in stream media market. The stream media-protected DRM system protects electronic music, electronic movies and videos. Now some marketers have used DRM technology. Some famous stream media systems have their own rights management solutions, such as WMRM, EMMS and Helix DRM, etc. The DRM system used on movable device can protect images, ringtone, mp3, mp4, etc. Because the movable platform is different from PC platform, the embedded systems present new technological demands on DRM. At present, some mobile phone (such as Nokia) has applied DRM technology supporting OMA DRM. 15 Along with the development of intelligent mobile phone, the DRM still cannot achieve real copyrights protection. ERDRM: A Digital Rights Management System Model for Educational Resources 71 ' 2.2 Decisive Concepts in DRM' The research on DRM always includes the architecture, content security, rights expression, as well as authentication. The systems are different in those points. This section is mainly about their characteristics, and gives a contrast on current DRM systems. Architecture. The generic DRM architecture accepted to all includes three core components: the content packaging server, the license server and the client. The DRM packager in content packaging server encrypts the content and transfers them to the user through P2P, email, or downloading service, etc. the rights package will be transferred to license server. The DRM controller in client determines the way the user using the content, through policies bound to the package and implicit in the packaging format, that the requested use requires authorization. If the license cannot be found on the user’s machine or has expired. The DRM controller should make rights request by packaging and sending attributes of the user and the content to a license server. The license server verifies the submitted client identification or attributes credentials, creates license, packaged and transferred to client securely. For more information about DRM architecture, you may access. 72 S. Wang and Q. Liu Content Security. Generally, the protection of digital content is based on encryption technology, namely encrypting the digital content at first before distribution. So the unauthorized user cannot get valuable information even they have intercepted the content during transmission successfully. Digital watermarking is a new direction in information security field. It can protect the copyright and integrity of information. Digital watermarking is applied in those fields: remote monitor and control, owner authentication, ownership verification, operation tracking, content identification, copy restriction and device control. Rights Expression. Rights Expression plays an important role in DRM, it works by rights expression language (REL). Existing works in this area include the INDECS project. One of the basic distributions of this project is clearly separating and identifying the three core entities: Users, Content, and Rights 3. Users can be any type: from a rights holder to an end consumer. Content also can be any type of content at any level of aggregation. The rights entity is an expression of the permissions, constraints, and obligations between the Users and the Content. Most of the existing RELs are XML-based. The two most developed RELs are XrML 14 and ODRL 12, 13. Authentication. Authentication is a fundamental part of any DRM system, because it is the foundation of rights management. The DRM system verifies the reality and validity of the user’s identity, then determines whether make authorization or not with the results. The most applied authentication technologies are password-confirming and hardware binding. 3 Digital Rights Management in Education Digital rights management is complex and difficult regardless of the application domain. Nonetheless, education places some very specific demands on it. This section introduces the specific requirement presented by education for DRM, discusses the security technology available, and analyzes their merits and demerits. 3.1 Specific Requirements Presented by Education IEEE LTSC DREL Study Group makes a deeply study on the domain features of education, learning, and training 4. The prominent ones of them are listed below: • In the education area, the education resources may have multiple authors for the joint authorship is very common. The educational resources may be reconstructed from multiple learning objects. The rights expression language of the DRM system must be able to identify rights information associated with component learning objects and with contributing authors as distinct from rights associated with aggregate works. • In web-based education, the users participate in learning, reuse the educational resources, and all of these will raise the privacy problem, for the privacy may be protected by privacy acts and local policies. The DRM system has to consider these acts and policies carefully. • Learning, education and training are all highly local activities, yet the education resources will be created and distributed across jurisdictional and domain boundaries in a distributed education. So the rights should be expressed from a combination of local and global context. • Actually, Profits is always not the main objective of creating the intellectual property in education, and the attribution seems more important. Most of the authors are wish to share their ideas if they are in fact properly acknowledged with some constraints, even the constraints may be different according to the practical situation. • In the copyright laws, there are always some items about “fair use” refers to education and research, as a result, maybe we cannot just divide the users simply into the authorized and the unauthorized. 3.2 Security Technology Issues Security technology issues must be considered in digital rights management application. Actually these issues include authentication and content security which were mentioned above in section 2. Authentication is the foundation of rights management, and it is also a very important part of DRM system. The DRM system verifies the reality and validity of the user’s identity then make decision with the results. Most of the e-learning systems are made up by databases and platforms, in which different platforms provide different services. The COLIS project 5 in Australia use SSO to realize the integrity of services. SSO means a user signs on once in a system, he or she could access all the systems that trust the first system. SSO is integrity on the “Authentication” level. 74 S. Wang and Q. Liu Content Security can be realized by digital watermarking or data encryption technology. Also there is web scripting technology can be used in DRM for educational resources for most of the resources can be formatted by HTML. Digital Watermarking. Digital watermark is a pattern of bits inserted into digital images, audio or video files that identifies the file’s copyright information (author, rights, etc.), but these information are always invisible, or in the case of audio clips, inaudible. Moreover, the actual bits representing the watermark must be scattered throughout the file in such a way that they cannot be identified and manipulated. And finally, the digital watermark must be robust enough so that it can withstand normal changes to the file. The purpose of digital watermarks is to provide copyright protection for intellectual property that’s in digital format. Digital watermark is just for tracking the copyright information other than assuring the security of content. It can be used in the protection of sharable educational resources. Data Encryption. Data encryption is the basic security technology in the network. Encryption is the most effective way to achieve data security. It is a proactive defense policy, provides huge security with very small cost. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption. Encrypting digital works is foundational in copyrights protection. The content protection in DRM is mainly based on encryption. To read the encrypted file, you must have access to a secret key or password that enables you to decrypt it. Most of the existing stream media DRM systems are based on data encryption technology. Although very safe, these systems go against retrieval, go against the sharing and communication of educational resources. Web Scripting Technology. The web scripting technology controls access to the web page’s content by inserting functional scripting code into the source code. Such as disabling right click, disabling select, disabling edit, disabling printing, and so on. It also could restrict the time of access and operation. This method can protect educational resources on certain level, but this low security is only satisfied the demands of some valueless resources. 4 The ERDRM System Model Based on the previous sections, this section brings forth the ERDRM, a digital rights management system model for educational resources. 4.1 Functional Components of the Model Educational resources is based on a collection of files, including text, images, video and other multimedia formats, but most of the formats cited above can be expressed by HTML files, and HTML, GIF and JPG are common formats used in learning objects. Our system applies C/S infrastructure. There are server-side and client-side in this model. The server provides three services: content packaging, licensing management, content distributing. The core of Client is the trusted Add-on, which is in charge of the requesting and executing of rights. 4.2 Expression, Control and Implementation of Rights Expression, control and executing of the rights information flow are very important in DRM. As mentioned in section 1, both XrML and ODRL are XML-based and they have been accepted by several standards organization. XrML is perfect but complex, its parser is bulky and takes long time to download and run. XrML is protected by patents. All these make it is far from a suitable REL for educational resources DRM systems. On the other hand, ODRL has been a standard of OMA’s mobile DRM rights expression language. COLIS, OPENIPMP and many other projects have applied ODRL as an REL. In our model, we still apply ODRL as reference REL. 4.3 DRM System on e-Learning Platform Digital rights management of educational resources is part of the e-Learning platform, so it has to integrate seamlessly with the other systems, such as learning management system, learning content management system and resources management system. Management and control of the learning object’s rights information. Learning object’s rights information flow exists in the whole lifecycle. A simple example, learning content management system gain educational resources with rights attributes from resources management system, and delivered them to learning object exchange system in security, the DRM system protects the learning objects to be distributed and add relevant authentication and rights information on them, then learning management system manages the license and permissions. The user accesses and uses protected learning objects while he or she participates in the activities of learning management system as authorized. The user can reuse the learning object to create a totally new learning object. ERDRM: A Digital Rights Management System Model for Educational Resources 77 Modules in a whole e-Learning platform have all kinds of interactions, which isn’t limited to the situations mentioned above. In DRM-enabled e-Learning platform, DRM system works on the Parties directory, learning object exchange system and learning management system. In a broad sense, all entities have participated in the implementation of digital rights management. 5 Conclusion Many e-Learning organizations and high schools have attempted to apply DRM technology in web-based education, but most of them focus on rights expression language and the standards. There is no real mature solution for the realization of digital rights management. By analyzing the education’s particular demands on digital rights management, we proposed a digital rights management system model for educational resources. We studied the expression, control and execution of rights and the relationship between DRM system and other systems on e-Learning platform in section 3. Our next work is developing the product system based on the model. Many of these open issues and problems are intertwined and will require an integrated approach to be satisfactorily resolved, and this is the work we should make great efforts in the future.